
Hacker attacked school computer

Sigh. First UBC, now Nipissing. And the "attacker" was on there for 7 months!!

I personally love the line where they say they followed "standard security procedures". I wonder if that included live checks of the server on a regular basis? It is a good reminder to all to check your systems on a regular basis for possible activities. Firewalls and IDSes only go so far. Human eyes and brains can pick up so much more (and "it takes too much time" doesn't fly).

A Northern Ontario university is advising students and staff to check their credit records for unauthorized loans, after discovering a hacker has been keeping tabs on the school's computerized administration system.

Spying software that records every keystroke was discovered on a central computer server at Nipissing University, in North Bay, last week — nearly seven months after it was first installed.

The breached server contained registration and payroll information for the entire school.

"We do what everybody else does when it comes to computer security, but whoever it was still broke in," said Murray Green, vice-president for administration and finance at Nipissing University. "I was shocked."

Green said the hacker could have accessed the names, addresses and social insurance numbers for approximately 7,000 university students, graduates and staff. Bank account numbers for employees also might have been exposed.

Suspicions were raised a month ago when the school noticed unusually high levels of traffic on the computer network. Security specialists from Sun Microsystems were called in to investigate the problem and found spying software, known as a keystroke logger, had been running on the machine since March 25.

For the last seven months, whenever someone logged in to the system, the keystroke logger recorded their username and password. Such information could have been automatically transferred to the hacker via the Internet, Green said.

Once the hacker had someone's password, he could have used it to access their personal information. Hackers often go after social security numbers and banking information to assist in identity theft, taking out mortgages or credit cards in other people's names.

Consequently, the school is advising Nipissing students, staff and alumni to check their credit records and call their bank to ensure no loans have been taken out without their knowledge.

"The programs installed on our servers were done by a sophisticated user(s) and ordinary operating commands would not detect their activity. How this information was used is unknown at this time but anything is possible," Green wrote in a candid e-mail sent out to staff on Oct. 15. "This includes payroll information, bank accounts, passwords providing access to other secure sites, etc."

While not overly alarmed, students and staff at the university admitted concern.

"I think most people are adopting a wait-and-see attitude," said sociology professor Stan Lawlor, adding people are anxious to know the hacker's purpose. "Was it to obtain private information, or information on the university, or identity theft?"

Anthony Digiacomo, a second-year business student, said the university has more to worry about than individual students.

"I guess I keep thinking that the worst that could happen is that the hacker gets to pay my student loans for me, so I'm not exactly worried about it.

"If someone wants to steal my identity, they're going to have a whole lot of debt to pay."

Staff Sergeant Rick Sapinski of the North Bay Police Service said officers are investigating.

"We do not as yet have any suspects. We're just starting the investigations," he said. "We're working as quickly as we can."

He said the North Bay police have never dealt with such a major computer security breach before.

Green said that while the school often deals with viruses on student computers, it's the first time the university's administration system has fallen victim to a hacker.

Roger Thompson, director of malicious content research for Computer Associates International Inc., said the hacker probably did steal some financial data given the length of time he had to perpetrate the crime.

Thompson said keystroke loggers are "very prevalent." But he said they are normally found on personal computers, not major servers run by large institutions.

Green insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.

Green insists the school followed all the standard security procedures and had firewalls and monitoring software in place to catch hackers.

Then their standards are set way too low. They don't even have any physical security in place, and haven't even physically looked over their equipment.

Security specialists from Sun Microsystems were called in to investigate the problem and found spying software, known as a keystroke logger, had been running on the machine since March 25.

They had to call an outside agency in to even find a strange physical object hanging off the back of their server.

"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
Author Unknown